madonnafra
04-25-2002, 04:41 AM
<font FACE="arial,helvetica"><font SIZE="2" FAMILY="SANSSERIF" FACE="Verdana" LANG="0">David,
Here is more detailed information about the virus. I found out when I read the list that I had already received it twice in my e-mail in as many days. Both times I deleted them before reading them.
Blessings,
Gayle
WORM WATCH
Evil e-mail tricks PC users
'Klez' disguises self with variety of subjects, senders
http://www.wnd.com/news/article.asp?ARTICLE_ID=27376
----------------------------------------------------------------------
------
----
Posted: April 25, 2002
1:00 a.m. Eastern
By Joe Kovacs
ÃÂÃÂÃÂÃÂÃÂÃÂà ÂÃÂÃÂÃÂÃÂÃÂà ÂÃÂÃÂé 2002 WorldNetDaily.com
If you're seeing a sudden surge in the amount of e-mail in your inbox,
chances are it has little do with your popularity.
Delete buttons on personal computers are getting a workout this week
thanks
to a tricky e-mail worm tunneling across America and the rest of the
world.
Known as "Klez," the worm has been bombarding mailboxes with
unsolicited
messages, replicating itself and changing its own appearance by
displaying a
variety of subjects and senders.
"It's a worm that spreads really quickly," said Sharon Ruckman, senior
director for anti-virus software maker Symantec's security response
team.
"And it carries an additional payload that can do some damage."
That additional payload is a virus known as "Elkern," which tries to
infect
other systems by sharing information. When combined with Klez, the two
create problems that go beyond large amounts of incoming mail.
"It can release confidential information on your system which is
never a
good thing to have happen," Ruckman told WorldNetDaily. "It also has
the
ability to remove anti-virus software."
Klez is more deceptive than some previous problem e-mails, as it has
a wide
variety of titles displayed in the subject line, and can latch on to
an
e-mail address of someone a user knows and insert it in the "From"
field,
making users more apt to open it and thus get infected.
Some of the titles listed in infected mails include:
how are you
let's be friends
darling
so cool a flash,enjoy it
your password
honey
some questions
please try again
welcome to my hometown
The Garden of Eden
introduction on ADSL
meeting notice
questionnaire
congratulations
sos!
japanese girl VS playboy
look,my beautiful girl friend
eager to see you
spice girls' vocal concert
japanese lass' sexy pictures
Klez also uses some combinations of random words in subject lines, to
make
it even more confusing. The random words include:
new
funny
nice
humour
excite
good
powful
WinXP
IE 6.0
W32.Elkern
W32.Klez.E
Symantec
Mcafee
F-Secure
Sophos
Trendmicro
Kaspersky
Some messages even appear to be trying to help PC users by offering a
patch
or removal tool for Klez or Elkern, but are nothing more than the worm
itself.
"They're trying to get people to open it," Ruckman said regarding the
virus
writers' clever deception skills. She adds her company does not e-mail
people randomly with removal tools.
Symantec has ranked Klez at a category 3 medium risk on a scale of 1
to 5,
with 5 being the most dangerous.
"That means it's spreading in the wild more quickly, but it's not as
serious
as [other viruses like] Melissa or LoveBug," Ruckman said. She also
says the
Nimda virus which debuted last year is still problematic.
According to anti-virus software maker Trend Micro's world virus
tracking
center, Elkern and Klez are currently the top two ranked viruses. In
the
past 24 hours, they are estimated to have infected over 400,000 files
globally.
Several strategies can be employed in preventing computers from being
infected. Home PC users should avoid opening the messages and delete
e-mails
with attachments, especially if something appears strange in the
subject or
sender's line.
"Don't be curious about e-mail," Ruckman said. "Just delete it." Once
deleted, users should also empty their trash bins.
She also recommends having anti-virus software on your machine, plus
the
"latest and greatest software patches," which can be downloaded from
Microsoft.
Corporate e-mail users can have their system administrators attack the
problem by filtering out certain attachments and subject lines at the
gateway of their mail servers.
If a computer has been infected, free removal tools are available
from both
Symantec and Trend Micro.
But despite assurances from anti-virus companies, some organizations
like
ACT Teleconferencing in Hong Kong are having trouble curing the
problem.
"Irrespective of what Symantec or other vendors say, there has been
no way
to stop this worm in the short term," Bob Deverell of ACT told the
South
China Morning Post this week.
"We have been struggling to clean our machines," he said. "We haven't
been
able to stop it and we're very competent."
</font>
Here is more detailed information about the virus. I found out when I read the list that I had already received it twice in my e-mail in as many days. Both times I deleted them before reading them.
Blessings,
Gayle
WORM WATCH
Evil e-mail tricks PC users
'Klez' disguises self with variety of subjects, senders
http://www.wnd.com/news/article.asp?ARTICLE_ID=27376
----------------------------------------------------------------------
------
----
Posted: April 25, 2002
1:00 a.m. Eastern
By Joe Kovacs
ÃÂÃÂÃÂÃÂÃÂÃÂà ÂÃÂÃÂÃÂÃÂÃÂà ÂÃÂÃÂé 2002 WorldNetDaily.com
If you're seeing a sudden surge in the amount of e-mail in your inbox,
chances are it has little do with your popularity.
Delete buttons on personal computers are getting a workout this week
thanks
to a tricky e-mail worm tunneling across America and the rest of the
world.
Known as "Klez," the worm has been bombarding mailboxes with
unsolicited
messages, replicating itself and changing its own appearance by
displaying a
variety of subjects and senders.
"It's a worm that spreads really quickly," said Sharon Ruckman, senior
director for anti-virus software maker Symantec's security response
team.
"And it carries an additional payload that can do some damage."
That additional payload is a virus known as "Elkern," which tries to
infect
other systems by sharing information. When combined with Klez, the two
create problems that go beyond large amounts of incoming mail.
"It can release confidential information on your system which is
never a
good thing to have happen," Ruckman told WorldNetDaily. "It also has
the
ability to remove anti-virus software."
Klez is more deceptive than some previous problem e-mails, as it has
a wide
variety of titles displayed in the subject line, and can latch on to
an
e-mail address of someone a user knows and insert it in the "From"
field,
making users more apt to open it and thus get infected.
Some of the titles listed in infected mails include:
how are you
let's be friends
darling
so cool a flash,enjoy it
your password
honey
some questions
please try again
welcome to my hometown
The Garden of Eden
introduction on ADSL
meeting notice
questionnaire
congratulations
sos!
japanese girl VS playboy
look,my beautiful girl friend
eager to see you
spice girls' vocal concert
japanese lass' sexy pictures
Klez also uses some combinations of random words in subject lines, to
make
it even more confusing. The random words include:
new
funny
nice
humour
excite
good
powful
WinXP
IE 6.0
W32.Elkern
W32.Klez.E
Symantec
Mcafee
F-Secure
Sophos
Trendmicro
Kaspersky
Some messages even appear to be trying to help PC users by offering a
patch
or removal tool for Klez or Elkern, but are nothing more than the worm
itself.
"They're trying to get people to open it," Ruckman said regarding the
virus
writers' clever deception skills. She adds her company does not e-mail
people randomly with removal tools.
Symantec has ranked Klez at a category 3 medium risk on a scale of 1
to 5,
with 5 being the most dangerous.
"That means it's spreading in the wild more quickly, but it's not as
serious
as [other viruses like] Melissa or LoveBug," Ruckman said. She also
says the
Nimda virus which debuted last year is still problematic.
According to anti-virus software maker Trend Micro's world virus
tracking
center, Elkern and Klez are currently the top two ranked viruses. In
the
past 24 hours, they are estimated to have infected over 400,000 files
globally.
Several strategies can be employed in preventing computers from being
infected. Home PC users should avoid opening the messages and delete
e-mails
with attachments, especially if something appears strange in the
subject or
sender's line.
"Don't be curious about e-mail," Ruckman said. "Just delete it." Once
deleted, users should also empty their trash bins.
She also recommends having anti-virus software on your machine, plus
the
"latest and greatest software patches," which can be downloaded from
Microsoft.
Corporate e-mail users can have their system administrators attack the
problem by filtering out certain attachments and subject lines at the
gateway of their mail servers.
If a computer has been infected, free removal tools are available
from both
Symantec and Trend Micro.
But despite assurances from anti-virus companies, some organizations
like
ACT Teleconferencing in Hong Kong are having trouble curing the
problem.
"Irrespective of what Symantec or other vendors say, there has been
no way
to stop this worm in the short term," Bob Deverell of ACT told the
South
China Morning Post this week.
"We have been struggling to clean our machines," he said. "We haven't
been
able to stop it and we're very competent."
</font>